Upload
open-xchange
View
439
Download
0
Embed Size (px)
Citation preview
The Building Blocks
for Trusted Internet Services
Openness, Privacy and Security
Neil Cook, Bert Hubert Open-XchangeMarch 15, 2016
2 | Trusted Internet Services Building Blocks
Trusted and integrated solutions Open-Xchange: Who are we?
• 3.5M mail Server installations globally• 68% worldwide market share • Superior scalability & cost efficiency• Full control back to Service Provider • Fully secure (MAAWG / secure email standard)• Storage backend agnostic (S3, object storage)
• EU market leader Domain Name Services (50%)• Authoritative DNS a must for high performance• Best in class DDoS support • Leading DNSSEC >75% of hosted domains• Excellent scalability• Maximum impact on Retention & Performance
OX App Suite – communication and collaboration suite: Engage more customers.OX-as-a-Service – secure, hosted stack from App Suite through to secure storage: Cloud GTM 2.0.
180M sold seats22 countries
17 languagesTrusted Email Services
The Battle for End-Users: Previously
3
Free Free/Subscription
Great Features
Open-Source
OK FeaturesUS-based Based anywhere
4
Free Free/Subscription
The Battle for End-Users: Now
Great Features Great FeaturesUS-based Based anywhere
The Next Battleground: Trust
• Mass Surveillance• Hackers and Foreign
Governments• Hosters and Service Providers
targeted5 | Trusted Internet Services Building Blocks
Why should I trust you?How can I
trust you?
Do I rely on your word?“Don’t be Evil”
“At Apple, your trust means everything to us.”
6 | Trusted Internet Services Building Blocks
Open Source == Trust
• Open Source Software means transparency
• OSS means Open-Standards
• Trust the Openness not the company
7 | Trusted Internet Services Building Blocks
8 | Trusted Internet Services Building Blocks
Hard to migrate your own dataProprietary means Lock-In
Proprietary Cloud Service
My Data
Other Cloud Service
In-House Data-Centre or Software
Migrate Data
9 | Trusted Internet Services Building Blocks
Freedom to choose the right business modelOpen Source means Flexibility
open standards
Run & Host Yourself
Run & Host for others
Use 3rd party service
Security also a new Battleground
Security is an important building block of trust
If I don’t feel secure, how can I trust your services?
Internet security standards make the internet safer
Internet security standards make your users safer
But Google is going big on Security!
DNSSEC
Anything they do… you should do better
DANEOpenPGP/TES
Click on symbol to add a full bleed screenshot
13 | Trusted Internet Services Building Blocks
% pdnsutil secure-zone mydomain.com
But DNSSEC is Hard isn’t it?
14 | Trusted Internet Services Building Blocks
• Securely Authenticate TLS Certs in DNS• Removes reliance on CAs• Even allows self-signed Certs
• Provides “real security” for any services with optional TLS (STARTTLS)• Prevents MITM Attacks• Prevents DNS Spoofing
• Builds on DNSSEC• Way more secure Google’s Red Padlock• Join Trusted Email Services Initiative
(TES) for more
DANE
Sending MTA
Receiving MTA
EHLO foobar.com
MITM
EHLO foobar.com250 STARTTLS250 example.net
CLEARTEXT CLEARTEXT
15 | Trusted Internet Services Building Blocks
OpenPGP and HKP: Real E2E EncryptionI’d like to send an
encrypted message to [email protected]
Mail Client (WebMail, App,
MTA)
DNS
HKP Server for example.com
Query: SRV _hkp._tcp.example.com?
Answer: hkp.example.com:11371
Public Key: [email protected]?Answer: -----BEGIN PGP PUBLIC KEY BLOCK
16 | Trusted Internet Services Building Blocks
17 | Trusted Internet Services Building Blocks
How do you compete with Free?21st Century Business Model:
“We give you service, you give us your privacy”
Difficult for “Free” to tailor their services
Higher Security
Stricter Privacy
Regulatory Requirements
Locality
Encryption
Special-Needs
Customer Service
People will pay for differentiated services
No need to compromise privacyCan develop relationship with customer
Open and Honest Contract leads to Trust
Can tailor service to customer requirements
Internet Services Building Blocks
21 | Trusted Internet Services Building Blocks
Features
Trusted Internet Service
Open Source & Open Standards
Privacy & Security
Tailored and Differentiated